Cryptography Pitfalls

Presented at THOTCON 0x8 (2017), May 4, 2017, 12:30 p.m. (25 minutes).

Developers tend do a poor job of implementing cryptography and other security measures in their systems. However, we as security people aren't doing very much to help them be successful. Often the primitives used are out of date and overlook very subtle flaws. These mistakes lead to systems that are hopelessly insecure despite our perception that we've build an impenetrable fortress. Fortunately there are a few tools and techniques at our disposal that can ease some of the pain. In this talk we'll get our laughs by exploring some of the most common pitfalls developers encounter with cryptography, but also try and restore some of our sanity.


Presenters:

  • John Downey
    John Downey is the Security Lead at Braintree. There he has worked on their HA infrastructure and integrations into the banking system.

Similar Presentations: